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In the claims : The claims are as follows . 

1. (Previously presented) A method for registering a user 
equipment terminal with a multimedia network, so as to allow the 
user equipment terminal to access, over a digital communication 
system, a multimedia network service to which the user equipment 
terminal is subscribed, the method comprising: 

a serving call session control function of the multimedia 
network sending an authentication vector request message to a 
home subscriber server, and 

the home subscriber server responding by providing in an 
authentication vector request response message a field indicating 
a list of services to which the user equipment terminal is 
subscribed along with either information that allows establishing 
security associations for each such service or information that 
could be used as keying material or other input for other 
security mechanisms specific to each service. 

2. (Previously presented) The method as in claim 1, wherein in 
responding to the authentication vector request response message, 
the serving call session control function of the multimedia 
network adds the information included in the authentication 
vector request response message to an authorization challenge 
message and forwards it to an interrogating call session control 
function of the multimedia network. 

3. (Previously presented) The method as in claim 2, wherein when 
the interrogating call sessiV^n control function receives the 
authorization challenge message, it forwards the message as a 
forwarded authorization challenge message to a proxy call session 
control function of the multimedia network, which parses the 
forwarded authorization challenge message, generates security 
policy database entries and corresponding security associations 
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for both the proxy call session control function and the user 
ec[uipment terminal, inserts its security policy database entries 
in its security policy database and corresponding security 
associations into its security association database, and provides 
in an updated authorization challenge message for the user 
equipment terminal the security policy database entries and 
corresponding security associations. 

4. (Previously presented) The method as in claim 3, wherein 
after receiving the updated authorization challenge message, the 
user equipment terminal inserts the security policy database 
entries into its security policy database and inserts the 
corresponding security associations into its security association 
database. 

5. (Previously presented) The method as in claim 4, further 
comprising keeping a register for all services to allocate 
numbers used to derive keys for each service or part of a 
service. 

6. (Previously presented) The method as in claim 5, wherein the 
keys are an integrity key and a cipher key and are derived by 
applying a mapping to an argument including the number allocated 
to the respective service or part of a service by the register 
being kept. 

7. (Previously presented) A method for registering a user 
equipment terminal with a multimedia network so as to allow the 
user equipment terminal to access, over a digital communication 
system, a multimedia network service to which the user equipment 
terminal is subscribed, the method comprising: 

a proxy call session control function of the multimedia 
network communicating to the user equipment terminal an 
authorization challenge message, wherein the authorization 
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challenge message includes at least one security policy database 
entry and a corresponding security association derived by the 
proxy call session control function from information provided to 
the proxy call session control function indicating services to 
which the user equipment terminal is subscribed along with either 
information that allows establishing security associations for 
each such service or information that could be used as keying 
material or other input for other security mechanisms specific to 
each service, and 

the user equipment terminal inserting the at least one 
security policy database entry into its security policy database 
and the corresponding security association into its security 
association database, so that for a predetermined time any 
traffic between the user equipment terminal and the proxy call 
session control function is secure for the services to which the 
user equipment terminal is subscribed. 

8. (Previously presented) The method as in claim 7, further 
comprising keeping a register for all services to allocate 
numbers used to derive keys for each service or part of a 
service, 

9. (Previously presented) The method as in claim 8, wherein the 
keys are an integrity key and a cipher key and are derived by 
applying a mapping to an argument including the number allocated 
to the respective service or part of a service by the register 
being kept. 

10. (Currently amended) A user equipment terminal, comprisingj_ 
a security policy database; and 

a processor, configured to : 

mcano , — rQGponoivG to receive as an input an authorization 
challenge message from a proxy call session control function of a 
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multimedia network, wherein the authorization challenge message 
includes at least one security policy database entry and a 
corresponding security association derived by the proxy call 
session control function from information provided to the proxy 
call session control function indicating services to which the 
user equipment terminal is subscribed along with either 
information that allows establishing security associations for 
each such service or infoinnation that could be used as keying 
material or other input for other security mechanisms specific to 
each service, for inoorting 

insert the at least one security policy database entry into 

its security policy database, and 

moano , — aloo rcQponGivo to the authorization challQngo 
moo o ago, — for inoorting insert the corresponding security 
association into ito the security association database. 

11. Canceled. 

12. (Currently amended) A user equipment terminal provided so as 
to communicate over a digital communication system , comprising a 
processor configured to provide : 

a first application program interface, responsive to an 
authorization challenge message from a proxy call session control 
function of a multimedia networ k of the digital communication 
system, wherein the authorization challenge message includes at 
least one security policy database entry and a corresponding 
security association derived by the proxy call session control 
function from information provided to the proxy call session 
control function indicating services to which the user equipment 
terminal is subscribed along with either information that allows 
establishing security associations for each such service or 
information that could be used as keying material or other input 
for other security mechanisms specific to each service, for 
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inserting the at least one security policy database entry into 
its security policy database, and 

a second application program interface, also responsive to 
the authorization challenge message, for inserting the 
corresponding security association into its security association 
database. 

13 . (Currently amended) A multimedia networ k of a digital 
communication system , comprisingj_ 

—a server including a processor configured to provide a 

serving call session control function, and 

a home subscriber server, 

^wherein the serving call session control function is 

configured p rovided so as to send an authentication vector 
request message to the home subscriber server, and the home 
subscriber server is configured to provide to the serving call 
session control function, in response to the authentication 
vector request message, an authentication vector request response 
message including a field indicating a list of services to which 
a user equipment terminal is sxibscribed along with either 
information that allows establishing security associations for 
each such service or information that could be used as keying 
material or other input for other security mechanisms specific to 
each service. 

14. (Previously presented) The multimedia network as in claim 
13, further comprising an interrogating call session control 
function, and wherein in response to the authentication vector 
request response message, the serving call session control 
function is configured to add the information included in the 
authentication vector request response message to an 
authorization challenge message and to forward it to the 
interrogating call session control function. 
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15. (Previously presented) The multimedia network as in claim 
14, further comprising a proxy call session control function, and 
wherein the interrogating call session control function is 
configured so that in response to the authorization challenge 
message, it forwards the message as a forwarded authorization 
challenge message to the proxy call session control function, 
which is configured to then parse the forwarded authorization 
challenge message, generate security policy database entries and 
corresponding security associations for both the proxy call 
session control function and the user equipment terminal, insert 
its security policy database entries in its security policy 
database and corresponding security associations into its 
security association database, and provide in an updated 
authorization challenge message for the user equipment terminal 
the security policy database entries and corresponding security 
associations . 

16. (Previously presented) The multimedia network as in claim 
13, further comprising a register for all services to allocate 
numbers used to derive keys for each service or part of a 
service. 

17. (Previously presented) The multimedia network as in claim 
16, wherein the keys are an integrity key and a cipher key both 
derived from a mapping to an argument including the number 
allocated to the respective service or part of a service included 
in the register. 

18. (New) A user equipment terminal as in claim 12, further 
comprising a memory storage, wherein the first and second 
application program interfaces provided by the processor are 
stored as corresponding processor instructions in the memory 
storage. 



-7- 



